CVE-2006-5466

Heap-based buffer overflow in the showQueryPackage function in librpm in RPM Package Manager 4.4.8, when the LANG environment variable is set to ruRU.UTF-8, might allow user-assisted attackers to execute arbitrary code via crafted RPM packages...

CVE-2006-5466

Heap-based buffer overflow in the showQueryPackage function in librpm in RPM Package Manager 4.4.8, when the LANG environment variable is set to ruRU.UTF-8, might allow user-assisted attackers to execute arbitrary code via crafted RPM packages...

Soholaunch Pro 4.9 r36 - Remote File Inclusion

Soholaunch Pro 4.9 r36 - Remote File Inclusion \ /\ \ / | \ \ | / \ // / | \ | \ \ Y / | \ / / \ /| /\ / / / / / .OR.ID ECHOADV57$2006 ----------------------------------------------------------------------------------------------- ECHOADV57$2006Soholaunch Pro =4.9 r36 Multiple Remote File...

Cyberfolio 2.0 RC1 - 'av' Remote File Inclusion

\ /\ \ / | \ \ | / \ // / | \ | \ \ Y / | \ / / \ /| /\ / / / / / .OR.ID ECHOADV58$2006 ----------------------------------------------------------------------------------------------- ECHOADV58$2006Cyberfolio =2.0 RC1 $av Remote File Inclusion Vulnerability...

CVE-2006-5397

The Xinput module modules/im/ximcp/imLcIm.c in X.Org libX11 1.0.2 and 1.0.3 opens a file for reading twice using the same file descriptor, which causes a file descriptor leak that allows local users to read files specified by the XCOMPOSEFILE environment variable via the duplicate file descriptor...

CVE-2006-5397

The Xinput module modules/im/ximcp/imLcIm.c in X.Org libX11 1.0.2 and 1.0.3 opens a file for reading twice using the same file descriptor, which causes a file descriptor leak that allows local users to read files specified by the XCOMPOSEFILE environment variable via the duplicate file descriptor...

DEBIAN-CVE-2006-5397

The Xinput module modules/im/ximcp/imLcIm.c in X.Org libX11 1.0.2 and 1.0.3 opens a file for reading twice using the same file descriptor, which causes a file descriptor leak that allows local users to read files specified by the XCOMPOSEFILE environment variable via the duplicate file descriptor...

CVE-2006-5397

The Xinput module modules/im/ximcp/imLcIm.c in X.Org libX11 1.0.2 and 1.0.3 opens a file for reading twice using the same file descriptor, which causes a file descriptor leak that allows local users to read files specified by the XCOMPOSEFILE environment variable via the duplicate file descriptor...

MODx CMS 0.9.2.1 (base_path) Remote File Include Vulnerability

+------------------------------------------------------------------------------------------- + MODx CMS 0.9.2.1 basepath Remote File Include Vulnerability +------------------------------------------------------------------------------------------- + Affected Software .: MODx CMS 0.9.2.1 + Vendor...

P-Book <= 1.17 (pb_lang) Remote File Inclusion Vulnerabilities

No description provided by source. \ /\ \ / | \ \ | / \ // / | \ | \ \ Y / | \ / / \ /| /\ / / / / / .OR.ID ECHOADV56$2006 ------------------------------------------------------------------------------ ECHOADV56$2006 P-Book = 1.17 pblang Remote File Inclusion...

New Vunerability

and now , 00 TNX str0k jamroom-3.0.19 Class: Remote|Local File Include Vulnerability Remote: Yes Local: No Type: High $it :http://www.jamroom.net/Downloads3Core Author: xw0x Contact: [email protected] Ramadan Bayarma All Musulman Vuln Code =================libchart.php================ requireonce...

Grep with web vulnerabilities mining+a WIN under the GREP Software-bug warning-the black bar safety net

a. The following grephttp://www.interlog.com/tcharron/grep.htmldoes not support the-r parameter,you can use the following format: grep-in "\include|require\" C:\test\. php C:\test\admin\. php You can also use cygwin ported to the grephttp://zhouzhen.eviloctal.org/Look.asp?LogID=814 b. A...

PHPWIND1.3.6论坛skin变量未过滤导致管理员密码更改漏洞

PHPWIND论坛是一款流行的PHP论坛，界面美观，功能也比较强大。但大家仔细看一下会发现不论是从界面功能还是代码风格，它和DISCUZ都非常相似，具体原因我想也就不用说了，毕竟DISCUZ出来比它要早很多。但安全上它没有继承DISCUZ的优点，DISCUZ论坛安全性非常好，而且商家也对此非常重视安全问题，国内论坛中不论从功能还是安全,第一非DISCUZ莫属。PHPWIND虽然代码严谨，逻辑清楚，但还是有一些漏洞，而且还相当严重。 skin变量未过滤导致管理员密码更改 漏洞代码如下header.php： !functionexists'readover' &&...

FreeBSD TOP Format String Vulnerability

No description provided by source. / freebsd x86 top exploit affected under top-3.5beta9 including this version 1. get the address of .dtors from /usr/bin/top using objdump , 'objdump -s -j .dtors /usr/bin/top' 2. divide it into four parts, and set it up into an environment variable like "XSEO=" ...

Resolv+ (RESOLV_HOST_CONF) Linux Library Local Exploit

No description provided by source. setenv RESOLVHOSTCONF /etc/shadow; ping adfas...

CVE-2006-5556

Buffer overflow in the localtimer function, and certain other functions, in libc in HP-UX B.11.11 and possibly other versions allows local users to execute arbitrary code via a long TZ environment variable...

TextPattern <= 1.19 (publish.php) Remote File Inclusion Vulnerability

No description provided by source. ----------------------------------------------------------------------------br / TextPattern =g1.19 txpcfgtxpath Remote File Inclusion Vulnerabilitybr / ----------------------------------------------------------------------------br / br / Author : Zeni Susanto...

HP-UX LIBC TZ环境变量本地溢出漏洞

HP-UX是一款HP公司开发的UNIX操作系统。 HP-UX的LIBC实现在处理TZ环境变量时存在缓冲区溢出漏洞，本地攻击者可能利用此漏洞提升权限。 由于没有在localtimer及相关函数中执行充分的边界检查，HP-UX的libc库在处理TZ环境变量时存在栈溢出漏洞。任何使用timezone函数的suid或sgid程序都受这个漏洞影响。成功攻击可能导致权限提升。 HP HP-UX B.11.11 HP HP-UX B.11.04 HP HP-UX B.11.00 HP已经为此发布了一个安全公告（HPSBUX02091）以及相应补丁: HPSBUX02091：SSRT061099 rev...

动易NewComment.asp注入漏洞

在NewComment.asp文件中 ModuleName = Trimrequest"ModuleName" 这个ModuleName变量没过滤好，从而导致，我们可以在下面的SQL语句中构造我们的 SQL语句 If ModuleName "" Then If ChannelID 0 Then If ClassID 0 Then sqlComment = "Select top " & Num & " C. from PEComment C left join PE" & ModuleName & " A on C.InfoID=A." & ModuleName &...

HP-UX 11i - LIBC TZ Enviroment Variable Privilege Escalation

HP-UX 11i - LIBC TZ Enviroment Variable Privilege Escalation / HP-UX libc timezone environment overflow exploit ================================================ HP-UX libc contains an exploitable stack overflow in the handling of "TZ" environment variable. The problem occurs due to insufficient...